package com.fr.privilege.providers.ldap;

import com.fr.base.Inter;
import com.fr.base.StringUtils;
import com.fr.base.core.json.JSONException;
import com.fr.base.core.json.JSONObject;
import com.fr.base.xml.XMLPrintWriter;
import com.fr.base.xml.XMLableReader;
import com.fr.privilege.authentication.Authentication;
import com.fr.privilege.authority.Authority;
import com.fr.privilege.providers.AbstractAuthenticationProvider;
import java.util.Properties;
import javax.naming.NamingException;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;

public class LDAPAuthenticationProvider extends AbstractAuthenticationProvider
{
  private static final long serialVersionUID = 9074755359875747439L;
  private static final String SUN_CONNECTION_POOLING_PROPERTY = "com.sun.jndi.ldap.connect.pool";
  private static final String SUN_DEFAULT_CONTEXT_FACTORY = "com.sun.jndi.ldap.LdapCtxFactory";
  public static final String AUTH_SIMPLE = "simple";
  public static final String AUTH_NONE = "none";
  public static final String AUTH_STRONG = "strong";
  public static final String REFERRAL_FOLLOW = "follow";
  public static final String REFERRAL_IGNORE = "ignore";
  public static final String REFERRAL_THROW = "throw";
  private String url = "ldap://ip:389";
  private String searchBase = "";
  private String principalSuffix = "";
  private String systemUsername = null;
  private String systemPassword = null;
  private String authentication = "simple";
  private String contextFactory = "com.sun.jndi.ldap.LdapCtxFactory";
  private String referral = "follow";
  private boolean usePool = true;
  private String roleAttribute = "memberOf";

  public boolean authenticate(Authentication paramAuthentication)
    throws Exception
  {
    if (paramAuthentication == null)
      throw new Exception(Inter.getLocText("Privilege-The_Authentication_Can_Not_Be_Null") + ".");
    if (paramAuthentication.isAuthenticated())
      return true;
    String str = paramAuthentication.getPrincipal().toString();
    LdapContext localLdapContext = null;
    try
    {
      localLdapContext = getLdapContext(str, paramAuthentication.getCredentials().toString());
    }
    catch (Exception localException)
    {
      throw new Exception(Inter.getLocText("Privilege-Invalid_User_Or_Password") + ".");
    }
    Authority[] arrayOfAuthority = LDAPUtils.retrievalAuthority(str, this, localLdapContext);
    localLdapContext.close();
    paramAuthentication.setAuthenticated(true);
    paramAuthentication.setAuthorities(arrayOfAuthority);
    return true;
  }

  public String getUrl()
  {
    return this.url;
  }

  public void setUrl(String paramString)
  {
    this.url = paramString;
  }

  public String getPrincipalSuffix()
  {
    return this.principalSuffix;
  }

  public void setPrincipalSuffix(String paramString)
  {
    this.principalSuffix = paramString;
  }

  public String getAuthentication()
  {
    return this.authentication;
  }

  public void setAuthentication(String paramString)
  {
    this.authentication = paramString;
  }

  public String getContextFactory()
  {
    return this.contextFactory;
  }

  public void setContextFactory(String paramString)
  {
    this.contextFactory = paramString;
  }

  public String getSearchBase()
  {
    return this.searchBase;
  }

  public void setSearchBase(String paramString)
  {
    this.searchBase = paramString;
  }

  public String getReferral()
  {
    return this.referral;
  }

  public void setReferral(String paramString)
  {
    this.referral = paramString;
  }

  public String getSystemUsername()
  {
    return this.systemUsername;
  }

  public void setSystemUsername(String paramString)
  {
    this.systemUsername = paramString;
  }

  public String getSystemPassword()
  {
    return this.systemPassword;
  }

  public void setSystemPassword(String paramString)
  {
    this.systemPassword = paramString;
  }

  public boolean isUsePool()
  {
    return this.usePool;
  }

  public void setUsePool(boolean paramBoolean)
  {
    this.usePool = paramBoolean;
  }

  public String getRoleAttribute()
  {
    return this.roleAttribute;
  }

  public void setRoleAttribute(String paramString)
  {
    this.roleAttribute = paramString;
  }

  private LdapContext getLdapContext(String paramString1, String paramString2)
    throws NamingException
  {
    if (StringUtils.isBlank(this.url))
      throw new IllegalStateException(Inter.getLocText("Privilege-The_Url_Must_Be_Specified") + ".");
    Properties localProperties = new Properties();
    localProperties.put("java.naming.factory.initial", this.contextFactory);
    localProperties.put("java.naming.provider.url", this.url);
    if ((this.usePool) && (!(StringUtils.isBlank(paramString1))) && (paramString1.equals(this.systemUsername)))
      localProperties.put("com.sun.jndi.ldap.connect.pool", "true");
    if ((!(StringUtils.isBlank(paramString1))) && (!(StringUtils.isBlank(this.principalSuffix))))
      paramString1 = paramString1 + this.principalSuffix;
    if (!(StringUtils.isBlank(paramString1)))
      localProperties.put("java.naming.security.principal", paramString1);
    if (!(StringUtils.isBlank(paramString2)))
      localProperties.put("java.naming.security.credentials", paramString2);
    localProperties.put("java.naming.security.authentication", this.authentication);
    localProperties.put("java.naming.referral", this.referral);
    return new InitialLdapContext(localProperties, null);
  }

  public void readXML(XMLableReader paramXMLableReader)
  {
    super.readXML(paramXMLableReader);
    if (paramXMLableReader.isChildNode())
    {
      String str1 = paramXMLableReader.getTagName();
      if (str1.equals("LUSAttr"))
      {
        String str2 = null;
        if ((str2 = paramXMLableReader.getAttr("url")) != null)
          this.url = str2;
        if ((str2 = paramXMLableReader.getAttr("searchBase")) != null)
          this.searchBase = str2;
        if ((str2 = paramXMLableReader.getAttr("principalSuffix")) != null)
          this.principalSuffix = str2;
        if ((str2 = paramXMLableReader.getAttr("systemUsername")) != null)
          this.systemUsername = str2;
        if ((str2 = paramXMLableReader.getAttr("systemPassword")) != null)
          this.systemPassword = str2;
        if ((str2 = paramXMLableReader.getAttr("authentication")) != null)
          this.authentication = str2;
        if ((str2 = paramXMLableReader.getAttr("contextFactory")) != null)
          this.contextFactory = str2;
        if ((str2 = paramXMLableReader.getAttr("referral")) != null)
          this.referral = str2;
      }
    }
  }

  public void writeXML(XMLPrintWriter paramXMLPrintWriter)
  {
    super.writeXML(paramXMLPrintWriter);
    paramXMLPrintWriter.startTAG("LUSAttr");
    if (StringUtils.isNotBlank(this.url))
      paramXMLPrintWriter.attr("url", this.url);
    if (StringUtils.isNotBlank(this.searchBase))
      paramXMLPrintWriter.attr("searchBase", this.searchBase);
    if (StringUtils.isNotBlank(this.principalSuffix))
      paramXMLPrintWriter.attr("principalSuffix", this.principalSuffix);
    if (StringUtils.isNotBlank(this.systemUsername))
      paramXMLPrintWriter.attr("systemUsername", this.systemUsername);
    if (StringUtils.isNotBlank(this.systemPassword))
      paramXMLPrintWriter.attr("systemPassword", this.systemPassword);
    if (StringUtils.isNotBlank(this.authentication))
      paramXMLPrintWriter.attr("authentication", this.authentication);
    if (StringUtils.isNotBlank(this.contextFactory))
      paramXMLPrintWriter.attr("contextFactory", this.contextFactory);
    if (StringUtils.isNotBlank(this.referral))
      paramXMLPrintWriter.attr("referral", this.referral);
    paramXMLPrintWriter.end();
  }

  public void readJSON(JSONObject paramJSONObject)
    throws JSONException
  {
    super.readJSON(paramJSONObject);
    this.url = paramJSONObject.getString("url");
    this.searchBase = paramJSONObject.getString("searchBase");
    this.principalSuffix = paramJSONObject.getString("suffix");
    this.systemUsername = paramJSONObject.getString("sysUser");
    this.systemPassword = paramJSONObject.getString("sysPassword");
    this.authentication = paramJSONObject.getString("authen");
    this.contextFactory = paramJSONObject.getString("context");
    this.referral = paramJSONObject.getString("referral");
  }
}